using System;
using System.IO;
using System.Xml;
using System.Diagnostics;
using System.Reflection;
using System.Resources;
using System.Globalization;
using System.Text;
using System.Text.RegularExpressions;
using System.Data;
using System.Data.SqlClient;
using System.Collections;
using System.Configuration;
using System.Collections.Specialized;
using System.Runtime.InteropServices;
using System.Runtime.Serialization;


namespace LongNet.Util
{
    //#region enum DataOption
    
    //public enum DataOption
    //{ 
    //    Select  = 0,
    //    Create ,
    //    Update ,
    //    Delete ,
    //    Login
    //}

    //#endregion

    public sealed class SqlHelper
		{
			#region public ConnectionString

			private static string _defaultConnectionString;
            static private object _objectLock = new object();
			public static string ConnectionString
			{
				get
				{
                    if (_defaultConnectionString == null || _defaultConnectionString.Length == 0 || _defaultConnectionString == "")
                    {
                        lock (_objectLock)
                        {
                           // _defaultConnectionString = Settings.Default.ConnectionString;
                           // _defaultConnectionString = "Data Source=192.168.0.1;Initial Catalog=Generic;User ID=WAPPortal;Password=WAPPortal";

                          //  _defaultConnectionString = "Data Source=MFUN86-206;Initial Catalog=Generic;User ID=sa;Password=123456;Pooling=False";
                           //   _defaultConnectionString = "Data Source=219.133.55.207;Initial Catalog=WUZI_COM;User ID=sa;Password=4367ccbsz4272;Pooling=False;Min Pool Size=10";
                           // _defaultConnectionString = @"Data Source=125.91.5.181,11433;Initial Catalog=WUZI_COM;User ID=sa;Password=1qazxsw23edcvfr45tgbnhy6;Pooling=False;";

                            //string sqlc = System.Configuration.ConfigurationManager.ConnectionStrings["sqlconnString"].ConnectionString;
                            string sqlc = System.Configuration.ConfigurationManager.AppSettings["sqlconnString"];

                            if (sqlc != null && sqlc.Length > 0)

                                _defaultConnectionString = sqlc;

                        }
                    }
                    return _defaultConnectionString;
				}
			}


			#endregion

			#region private utility methods & constructors

			//Since this class provides only static methods, make the default constructor private to prevent 
			//instances from being created with "new SqlHelper()".
			private SqlHelper() {}



			/// <summary>
			/// This method is used to attach array of SqlParameters to a SqlCommand.
			/// 
			/// This method will assign a value of DbNull to any parameter with a direction of
			/// InputOutput and a value of null.  
			/// 
			/// This behavior will prevent default values from being used, but
			/// this will be the less common case than an intended pure output parameter (derived as InputOutput)
			/// where the user provided no input value.
			/// </summary>
			/// <param name="command">The command to which the parameters will be added</param>
			/// <param name="commandParameters">an array of SqlParameters tho be added to command</param>
			private static void AttachParameters(SqlCommand command, SqlParameter[] commandParameters)
			{
				foreach (SqlParameter p in commandParameters)
				{
					//check for derived output value with no value assigned
					if ((p.Direction == ParameterDirection.InputOutput) && (p.Value == null))
					{
						p.Value = DBNull.Value;
					}
				
					command.Parameters.Add(p);
				}
			}

			/// <summary>
			/// This method assigns an array of values to an array of SqlParameters.
			/// </summary>
			/// <param name="commandParameters">array of SqlParameters to be assigned values</param>
			/// <param name="parameterValues">array of objects holding the values to be assigned</param>
			private static void AssignParameterValues(SqlParameter[] commandParameters, object[] parameterValues)
			{
				if ((commandParameters == null) || (parameterValues == null)) 
				{
					//do nothing if we get no data
					return;
				}

				// we must have the same number of values as we pave parameters to put them in
				if (commandParameters.Length != parameterValues.Length)
				{
					throw new ArgumentException("Parameter count does not match Parameter Value count.");
				}

				//iterate through the SqlParameters, assigning the values from the corresponding position in the 
				//value array
				for (int i = 0, j = commandParameters.Length; i < j; i++)
				{
					commandParameters[i].Value = parameterValues[i];
				}
			}

			/// <summary>
			/// This method opens (if necessary) and assigns a connection, transaction, command type and parameters 
			/// to the provided command.
			/// </summary>
			/// <param name="command">the SqlCommand to be prepared</param>
			/// <param name="connection">a valid SqlConnection, on which to execute this command</param>
			/// <param name="transaction">a valid SqlTransaction, or 'null'</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParameters to be associated with the command or 'null' if no parameters are required</param>
			private static void PrepareCommand(SqlCommand command, SqlConnection connection, SqlTransaction transaction, CommandType commandType, string commandText, SqlParameter[] commandParameters)
			{
				//if the provided connection is not open, we will open it
				if (connection.State != ConnectionState.Open)
				{
					connection.Open();
				}

				//associate the connection with the command
				command.Connection = connection;

				//set the command text (stored procedure name or SQL statement)
				command.CommandText = commandText;

				//if we were provided a transaction, assign it.
				if (transaction != null)
				{
					command.Transaction = transaction;
				}

				//set the command type
				command.CommandType = commandType;

				//attach the command parameters if they are provided
				if (commandParameters != null)
				{
					AttachParameters(command, commandParameters);
				}

				return;
			}


			#endregion private utility methods & constructors

			#region AddParameters

			public static object CheckForNullString(string text)
			{
				if(text == null || text.Trim().Length == 0)
				{
					return System.DBNull.Value;
				}
				else
				{
					return text;
				}
			}

            public static string CheckNull(object obj)
            {
                return (String)obj;
            }

            public static string CheckNull(DBNull obj)
            {
                return null;
            }

			public static SqlParameter MakeInParam(string ParamName, object Value)
			{
				return new SqlParameter(ParamName,Value);
			}

			/// <summary>
			/// Make input param.
			/// </summary>
			/// <param name="ParamName">Name of param.</param>
			/// <param name="DbType">Param type.</param>
			/// <param name="Size">Param size.</param>
			/// <param name="Value">Param value.</param>
			/// <returns>New parameter.</returns>
			public static SqlParameter MakeInParam(string ParamName, SqlDbType DbType, int Size, object Value) 
			{
				return MakeParam(ParamName, DbType, Size, ParameterDirection.Input, Value);
			}		

			/// <summary>
			/// Make input param.
			/// </summary>
			/// <param name="ParamName">Name of param.</param>
			/// <param name="DbType">Param type.</param>
			/// <param name="Size">Param size.</param>
			/// <returns>New parameter.</returns>
			public static SqlParameter MakeOutParam(string ParamName, SqlDbType DbType, int Size) 
			{
				return MakeParam(ParamName, DbType, Size, ParameterDirection.Output, null);
			}		

			/// <summary>
			/// Make stored procedure param.
			/// </summary>
			/// <param name="ParamName">Name of param.</param>
			/// <param name="DbType">Param type.</param>
			/// <param name="Size">Param size.</param>
			/// <param name="Direction">Parm direction.</param>
			/// <param name="Value">Param value.</param>
			/// <returns>New parameter.</returns>
			public static SqlParameter MakeParam(string ParamName, SqlDbType DbType, Int32 Size, ParameterDirection Direction, object Value) 
			{
				SqlParameter param;

				if(Size > 0)
					param = new SqlParameter(ParamName, DbType, Size);
				else
					param = new SqlParameter(ParamName, DbType);

				param.Direction = Direction;
				if (!(Direction == ParameterDirection.Output && Value == null))
					param.Value = Value;

				return param;
			}
	

			#endregion

			#region ExecuteNonQuery

			/// <summary>
			/// Execute a SqlCommand (that returns no resultset and takes no parameters) against the database specified in 
			/// the connection string. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders");
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(string connectionString, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteNonQuery(connectionString, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns no resultset) against the database specified in the connection string 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int result = ExecuteNonQuery(connString, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create & open a SqlConnection, and dispose of it after we are done.
				using (SqlConnection cn = new SqlConnection(connectionString))
				{
					cn.Open();
					//call the overload that takes a connection in place of the connection string
					return ExecuteNonQuery(cn, commandType, commandText, commandParameters);
				}
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns no resultset) against the database specified in 
			/// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  int result = ExecuteNonQuery(connString, "PublishOrders", 24, 36);
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="spName">the name of the stored prcedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(string connectionString, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
                    SqlParameter[] commandParameters;
                    if (parameterValues[0] is SqlParameter)
                    {
                        commandParameters = (SqlParameter[])parameterValues;
                    }
                    else
                    {
                        //pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
                        commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);

                        //assign the provided values to these parameters based on parameter order
                        AssignParameterValues(commandParameters, parameterValues);
                    }

					//call the overload that takes an array of SqlParameters
					return ExecuteNonQuery(connectionString, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteNonQuery(connectionString, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns no resultset and takes no parameters) against the provided SqlConnection. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int result = ExecuteNonQuery(conn, CommandType.StoredProcedure, "PublishOrders");
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(SqlConnection connection, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteNonQuery(connection, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns no resultset) against the specified SqlConnection 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int result = ExecuteNonQuery(conn, CommandType.StoredProcedure, "PublishOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{	
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
			
				//finally, execute the command.
				int retval = cmd.ExecuteNonQuery();
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
				return retval;
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns no resultset) against the specified SqlConnection 
			/// using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  int result = ExecuteNonQuery(conn, "PublishOrders", 24, 36);
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(SqlConnection connection, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteNonQuery(connection, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteNonQuery(connection, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns no resultset and takes no parameters) against the provided SqlTransaction. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int result = ExecuteNonQuery(trans, CommandType.StoredProcedure, "PublishOrders");
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(SqlTransaction transaction, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteNonQuery(transaction, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns no resultset) against the specified SqlTransaction
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int result = ExecuteNonQuery(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
			
				//finally, execute the command.
				int retval = cmd.ExecuteNonQuery();
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
				return retval;
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns no resultset) against the specified 
			/// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  int result = ExecuteNonQuery(conn, trans, "PublishOrders", 24, 36);
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>an int representing the number of rows affected by the command</returns>
			public static int ExecuteNonQuery(SqlTransaction transaction, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteNonQuery(transaction, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteNonQuery(transaction, CommandType.StoredProcedure, spName);
				}
			}


			#endregion ExecuteNonQuery

            #region ExecuteDataTable

            public static DataTable ExecuteDataTable(string connectionString, CommandType commandType, string commandText)
            {
                return ExecuteDataTable(connectionString, commandType, commandText, null);
            }

            public static DataTable ExecuteDataTable(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                DataTable dataTable;

                SqlConnection sqlConnection = new SqlConnection(connectionString);
                try
                {
                    sqlConnection.Open();
                    dataTable = ExecuteDataTable(sqlConnection, commandType, commandText, commandParameters);
                }
                finally
                {
                    if (sqlConnection != null)
                    {
                        sqlConnection.Dispose();
                    }
                }
                return dataTable;
            }

            public static DataTable ExecuteDataTable(SqlConnection connection, CommandType commandType, string commandText)
            {
                return ExecuteDataTable(connection, commandType, commandText, null);
            }

            public static DataTable ExecuteDataTable(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                SqlCommand sqlCommand = new SqlCommand();
                PrepareCommand(sqlCommand, connection, null, commandType, commandText, commandParameters);
                SqlDataAdapter sqlDataAdapter = new SqlDataAdapter(sqlCommand);
                DataTable dataTable = new DataTable();
                sqlDataAdapter.Fill(dataTable);
                sqlCommand.Parameters.Clear();
                return dataTable;
            }

            public static DataTable ExecuteDataTable(SqlTransaction transaction, CommandType commandType, string commandText)
            {
                return ExecuteDataTable(transaction, commandType, commandText, null);
            }

            public static DataTable ExecuteDataTable(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
            {
                SqlCommand sqlCommand = new SqlCommand();
                PrepareCommand(sqlCommand, transaction.Connection, transaction, commandType, commandText, commandParameters);
                SqlDataAdapter sqlDataAdapter = new SqlDataAdapter(sqlCommand);
                DataTable dataTable = new DataTable();
                sqlDataAdapter.Fill(dataTable);
                sqlCommand.Parameters.Clear();
                return dataTable;
            }

            #endregion

            #region ExecuteDataSet

            /// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the database specified in 
			/// the connection string. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(connString, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(string connectionString, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteDataset(connectionString, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the database specified in the connection string 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(connString, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create & open a SqlConnection, and dispose of it after we are done.
				using (SqlConnection cn = new SqlConnection(connectionString))
				{
                    if( cn.State == ConnectionState.Closed )
					    cn.Open();

					//call the overload that takes a connection in place of the connection string
					return ExecuteDataset(cn, commandType, commandText, commandParameters);
				}
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the database specified in 
			/// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(connString, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(string connectionString, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteDataset(connectionString, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteDataset(connectionString, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlConnection. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(conn, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(SqlConnection connection, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteDataset(connection, commandType, commandText, (SqlParameter[])null);
			}
		
			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the specified SqlConnection 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(conn, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
			
				//create the DataAdapter & DataSet
				SqlDataAdapter da = new SqlDataAdapter(cmd);
				DataSet ds = new DataSet();

				//fill the DataSet using default values for DataTable names, etc.
				da.Fill(ds);
			
				// detach the SqlParameters from the command object, so they can be used again.			
				cmd.Parameters.Clear();
			
				//return the dataset
				return ds;						
			}
		
			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified SqlConnection 
			/// using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(conn, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(SqlConnection connection, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteDataset(connection, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteDataset(connection, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlTransaction. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(trans, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(SqlTransaction transaction, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteDataset(transaction, commandType, commandText, (SqlParameter[])null);
			}
		
			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the specified SqlTransaction
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
			
				//create the DataAdapter & DataSet
				SqlDataAdapter da = new SqlDataAdapter(cmd);
				DataSet ds = new DataSet();

				//fill the DataSet using default values for DataTable names, etc.
				da.Fill(ds);
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
			
				//return the dataset
				return ds;
			}
		
			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified 
			/// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  DataSet ds = ExecuteDataset(trans, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static DataSet ExecuteDataset(SqlTransaction transaction, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteDataset(transaction, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteDataset(transaction, CommandType.StoredProcedure, spName);
				}
			}

			#endregion ExecuteDataSet
		
			#region ExecuteReader

			/// <summary>
			/// this enum is used to indicate whether the connection was provided by the caller, or created by SqlHelper, so that
			/// we can set the appropriate CommandBehavior when calling ExecuteReader()
			/// </summary>
			private enum SqlConnectionOwnership	
			{
				/// <summary>Connection is owned and managed by SqlHelper</summary>
				Internal, 
				/// <summary>Connection is owned and managed by the caller</summary>
				External
			}

			/// <summary>
			/// Create and prepare a SqlCommand, and call ExecuteReader with the appropriate CommandBehavior.
			/// </summary>
			/// <remarks>
			/// If we created and opened the connection, we want the connection to be closed when the DataReader is closed.
			/// 
			/// If the caller provided the connection, we want to leave it to them to manage.
			/// </remarks>
			/// <param name="connection">a valid SqlConnection, on which to execute this command</param>
			/// <param name="transaction">a valid SqlTransaction, or 'null'</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParameters to be associated with the command or 'null' if no parameters are required</param>
			/// <param name="connectionOwnership">indicates whether the connection parameter was provided by the caller, or created by SqlHelper</param>
			/// <returns>SqlDataReader containing the results of the command</returns>
			private static SqlDataReader ExecuteReader(SqlConnection connection, SqlTransaction transaction, CommandType commandType, string commandText, SqlParameter[] commandParameters, SqlConnectionOwnership connectionOwnership)
			{	
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, connection, transaction, commandType, commandText, commandParameters);
			
				//create a reader
				SqlDataReader dr;

				// call ExecuteReader with the appropriate CommandBehavior
				if (connectionOwnership == SqlConnectionOwnership.External)
				{
                    dr = cmd.ExecuteReader();
				}
				else
				{
					dr = cmd.ExecuteReader(CommandBehavior.CloseConnection);
				}
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
			
				return dr;
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the database specified in 
			/// the connection string. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(connString, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(string connectionString, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteReader(connectionString, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the database specified in the connection string 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(connString, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create & open a SqlConnection
				SqlConnection cn = new SqlConnection(connectionString);
				cn.Open();

				try
				{
					//call the private overload that takes an internally owned connection in place of the connection string
					return ExecuteReader(cn, null, commandType, commandText, commandParameters,SqlConnectionOwnership.Internal);
				}
				catch(Exception e)
				{
					//if we fail to return the SqlDatReader, we need to close the connection ourselves
					cn.Close();
					throw;
				}
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the database specified in 
			/// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(connString, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(string connectionString, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);

					//assign the provided values to these parameters based on parameter order
                    if (parameterValues[0].GetType() == typeof(SqlParameter))
                    {
                        commandParameters = (SqlParameter[])parameterValues;
                    }
                    else
                    {
                        AssignParameterValues(commandParameters, parameterValues);
                    }
					

					//call the overload that takes an array of SqlParameters
					return ExecuteReader(connectionString, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteReader(connectionString, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlConnection. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(conn, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(SqlConnection connection, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteReader(connection, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the specified SqlConnection 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(conn, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//pass through the call to the private overload using a null transaction value and an externally owned connection
				return ExecuteReader(connection, (SqlTransaction)null, commandType, commandText, commandParameters, SqlConnectionOwnership.External);
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified SqlConnection 
			/// using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(conn, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(SqlConnection connection, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);


                    AssignParameterValues(commandParameters, parameterValues);

					return ExecuteReader(connection, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteReader(connection, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlTransaction. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(trans, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(SqlTransaction transaction, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteReader(transaction, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the specified SqlTransaction
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///   SqlDataReader dr = ExecuteReader(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//pass through to private overload, indicating that the connection is owned by the caller
				return ExecuteReader(transaction.Connection, transaction, commandType, commandText, commandParameters, SqlConnectionOwnership.External);
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified
			/// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  SqlDataReader dr = ExecuteReader(trans, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>a SqlDataReader containing the resultset generated by the command</returns>
			public static SqlDataReader ExecuteReader(SqlTransaction transaction, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);

					AssignParameterValues(commandParameters, parameterValues);

					return ExecuteReader(transaction, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteReader(transaction, CommandType.StoredProcedure, spName);
				}
			}

			#endregion ExecuteReader

			#region ExecuteScalar
		
			/// <summary>
			/// Execute a SqlCommand (that returns a 1x1 resultset and takes no parameters) against the database specified in 
			/// the connection string. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(connString, CommandType.StoredProcedure, "GetOrderCount");
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(string connectionString, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteScalar(connectionString, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a 1x1 resultset) against the database specified in the connection string 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(connString, CommandType.StoredProcedure, "GetOrderCount", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(string connectionString, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create & open a SqlConnection, and dispose of it after we are done.
				using (SqlConnection cn = new SqlConnection(connectionString))
				{
					cn.Open();

					//call the overload that takes a connection in place of the connection string
					return ExecuteScalar(cn, commandType, commandText, commandParameters);
				}
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a 1x1 resultset) against the database specified in 
			/// the connection string using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(connString, "GetOrderCount", 24, 36);
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(string connectionString, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteScalar(connectionString, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteScalar(connectionString, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a 1x1 resultset and takes no parameters) against the provided SqlConnection. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(conn, CommandType.StoredProcedure, "GetOrderCount");
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(SqlConnection connection, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteScalar(connection, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a 1x1 resultset) against the specified SqlConnection 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(conn, CommandType.StoredProcedure, "GetOrderCount", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
			
				//execute the command & return the results
				object retval = cmd.ExecuteScalar();
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
				return retval;
			
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a 1x1 resultset) against the specified SqlConnection 
			/// using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(conn, "GetOrderCount", 24, 36);
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(SqlConnection connection, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteScalar(connection, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteScalar(connection, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a 1x1 resultset and takes no parameters) against the provided SqlTransaction. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(trans, CommandType.StoredProcedure, "GetOrderCount");
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(SqlTransaction transaction, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteScalar(transaction, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a 1x1 resultset) against the specified SqlTransaction
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(trans, CommandType.StoredProcedure, "GetOrderCount", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
			
				//execute the command & return the results
				object retval = cmd.ExecuteScalar();
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
				return retval;
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a 1x1 resultset) against the specified
			/// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  int orderCount = (int)ExecuteScalar(trans, "GetOrderCount", 24, 36);
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>an object containing the value in the 1x1 resultset generated by the command</returns>
			public static object ExecuteScalar(SqlTransaction transaction, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteScalar(transaction, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteScalar(transaction, CommandType.StoredProcedure, spName);
				}
			}

			#endregion ExecuteScalar	

			#region ExecuteXmlReader

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlConnection. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  XmlReader r = ExecuteXmlReader(conn, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
			/// <returns>an XmlReader containing the resultset generated by the command</returns>
			public static XmlReader ExecuteXmlReader(SqlConnection connection, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteXmlReader(connection, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the specified SqlConnection 
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  XmlReader r = ExecuteXmlReader(conn, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an XmlReader containing the resultset generated by the command</returns>
			public static XmlReader ExecuteXmlReader(SqlConnection connection, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, connection, (SqlTransaction)null, commandType, commandText, commandParameters);
			
				//create the DataAdapter & DataSet
				XmlReader retval = cmd.ExecuteXmlReader();
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
				return retval;
			
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified SqlConnection 
			/// using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  XmlReader r = ExecuteXmlReader(conn, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="connection">a valid SqlConnection</param>
			/// <param name="spName">the name of the stored procedure using "FOR XML AUTO"</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>an XmlReader containing the resultset generated by the command</returns>
			public static XmlReader ExecuteXmlReader(SqlConnection connection, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteXmlReader(connection, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteXmlReader(connection, CommandType.StoredProcedure, spName);
				}
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset and takes no parameters) against the provided SqlTransaction. 
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  XmlReader r = ExecuteXmlReader(trans, CommandType.StoredProcedure, "GetOrders");
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
			/// <returns>an XmlReader containing the resultset generated by the command</returns>
			public static XmlReader ExecuteXmlReader(SqlTransaction transaction, CommandType commandType, string commandText)
			{
				//pass through the call providing null for the set of SqlParameters
				return ExecuteXmlReader(transaction, commandType, commandText, (SqlParameter[])null);
			}

			/// <summary>
			/// Execute a SqlCommand (that returns a resultset) against the specified SqlTransaction
			/// using the provided parameters.
			/// </summary>
			/// <remarks>
			/// e.g.:  
			///  XmlReader r = ExecuteXmlReader(trans, CommandType.StoredProcedure, "GetOrders", new SqlParameter("@prodid", 24));
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="commandType">the CommandType (stored procedure, text, etc.)</param>
			/// <param name="commandText">the stored procedure name or T-SQL command using "FOR XML AUTO"</param>
			/// <param name="commandParameters">an array of SqlParamters used to execute the command</param>
			/// <returns>an XmlReader containing the resultset generated by the command</returns>
			public static XmlReader ExecuteXmlReader(SqlTransaction transaction, CommandType commandType, string commandText, params SqlParameter[] commandParameters)
			{
				//create a command and prepare it for execution
				SqlCommand cmd = new SqlCommand();
				PrepareCommand(cmd, transaction.Connection, transaction, commandType, commandText, commandParameters);
			
				//create the DataAdapter & DataSet
				XmlReader retval = cmd.ExecuteXmlReader();
			
				// detach the SqlParameters from the command object, so they can be used again.
				cmd.Parameters.Clear();
				return retval;			
			}

			/// <summary>
			/// Execute a stored procedure via a SqlCommand (that returns a resultset) against the specified 
			/// SqlTransaction using the provided parameter values.  This method will query the database to discover the parameters for the 
			/// stored procedure (the first time each stored procedure is called), and assign the values based on parameter order.
			/// </summary>
			/// <remarks>
			/// This method provides no access to output parameters or the stored procedure's return value parameter.
			/// 
			/// e.g.:  
			///  XmlReader r = ExecuteXmlReader(trans, "GetOrders", 24, 36);
			/// </remarks>
			/// <param name="transaction">a valid SqlTransaction</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="parameterValues">an array of objects to be assigned as the input values of the stored procedure</param>
			/// <returns>a dataset containing the resultset generated by the command</returns>
			public static XmlReader ExecuteXmlReader(SqlTransaction transaction, string spName, params object[] parameterValues)
			{
				//if we receive parameter values, we need to figure out where they go
				if ((parameterValues != null) && (parameterValues.Length > 0)) 
				{
					//pull the parameters for this stored procedure from the parameter cache (or discover them & populate the cache)
					SqlParameter[] commandParameters = SqlHelperParameterCache.GetSpParameterSet(transaction.Connection.ConnectionString, spName);

					//assign the provided values to these parameters based on parameter order
					AssignParameterValues(commandParameters, parameterValues);

					//call the overload that takes an array of SqlParameters
					return ExecuteXmlReader(transaction, CommandType.StoredProcedure, spName, commandParameters);
				}
					//otherwise we can just call the SP without params
				else 
				{
					return ExecuteXmlReader(transaction, CommandType.StoredProcedure, spName);
				}
			}


			#endregion ExecuteXmlReader
		}

		public sealed class SqlHelperParameterCache
		{
			#region private methods, variables, and constructors

			//Since this class provides only static methods, make the default constructor private to prevent 
			//instances from being created with "new SqlHelperParameterCache()".
			private SqlHelperParameterCache() {}

			private static Hashtable paramCache = Hashtable.Synchronized(new Hashtable());

			/// <summary>
			/// resolve at run time the appropriate set of SqlParameters for a stored procedure
			/// </summary>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="includeReturnValueParameter">whether or not to include their return value parameter</param>
			/// <returns></returns>
			private static SqlParameter[] DiscoverSpParameterSet(string connectionString, string spName, bool includeReturnValueParameter)
			{
				using (SqlConnection cn = new SqlConnection(connectionString)) 
				using (SqlCommand cmd = new SqlCommand(spName,cn))
				{
					cn.Open();
					cmd.CommandType = CommandType.StoredProcedure;

					SqlCommandBuilder.DeriveParameters(cmd);

					if (!includeReturnValueParameter) 
					{
						cmd.Parameters.RemoveAt(0);
					}

					SqlParameter[] discoveredParameters = new SqlParameter[cmd.Parameters.Count];;

					cmd.Parameters.CopyTo(discoveredParameters, 0);

					return discoveredParameters;
				}
			}

			//deep copy of cached SqlParameter array
			private static SqlParameter[] CloneParameters(SqlParameter[] originalParameters)
			{
				SqlParameter[] clonedParameters = new SqlParameter[originalParameters.Length];

				for (int i = 0, j = originalParameters.Length; i < j; i++)
				{
					clonedParameters[i] = (SqlParameter)((ICloneable)originalParameters[i]).Clone();
				}

				return clonedParameters;
			}

			#endregion private methods, variables, and constructors

			#region caching functions

			/// <summary>
			/// add parameter array to the cache
			/// </summary>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <param name="commandParameters">an array of SqlParamters to be cached</param>
			public static void CacheParameterSet(string connectionString, string commandText, params SqlParameter[] commandParameters)
			{
				string hashKey = connectionString + ":" + commandText;

				paramCache[hashKey] = commandParameters;
			}

			/// <summary>
			/// retrieve a parameter array from the cache
			/// </summary>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="commandText">the stored procedure name or T-SQL command</param>
			/// <returns>an array of SqlParamters</returns>
			public static SqlParameter[] GetCachedParameterSet(string connectionString, string commandText)
			{
				string hashKey = connectionString + ":" + commandText;

				SqlParameter[] cachedParameters = (SqlParameter[])paramCache[hashKey];
			
				if (cachedParameters == null)
				{			
					return null;
				}
				else
				{
					return CloneParameters(cachedParameters);
				}
			}

			#endregion caching functions

			#region Parameter Discovery Functions

			/// <summary>
			/// Retrieves the set of SqlParameters appropriate for the stored procedure
			/// </summary>
			/// <remarks>
			/// This method will query the database for this information, and then store it in a cache for future requests.
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <returns>an array of SqlParameters</returns>
			public static SqlParameter[] GetSpParameterSet(string connectionString, string spName)
			{
				return GetSpParameterSet(connectionString, spName, false);
			}

			/// <summary>
			/// Retrieves the set of SqlParameters appropriate for the stored procedure
			/// </summary>
			/// <remarks>
			/// This method will query the database for this information, and then store it in a cache for future requests.
			/// </remarks>
			/// <param name="connectionString">a valid connection string for a SqlConnection</param>
			/// <param name="spName">the name of the stored procedure</param>
			/// <param name="includeReturnValueParameter">a bool value indicating whether the return value parameter should be included in the results</param>
			/// <returns>an array of SqlParameters</returns>
			public static SqlParameter[] GetSpParameterSet(string connectionString, string spName, bool includeReturnValueParameter)
			{
				string hashKey = connectionString + ":" + spName + (includeReturnValueParameter ? ":include ReturnValue Parameter":"");

				SqlParameter[] cachedParameters;
			
				cachedParameters = (SqlParameter[])paramCache[hashKey];

				if (cachedParameters == null)
				{			
					cachedParameters = (SqlParameter[])(paramCache[hashKey] = DiscoverSpParameterSet(connectionString, spName, includeReturnValueParameter));
				}
			
				return CloneParameters(cachedParameters);
			}

			#endregion Parameter Discovery Functions

		}
}
